License activation system

I’m trying to automate license installation and activation. Activating a license through a file or a variable works, but then I cannot change the key through the browser, they say that it is necessary to change the variable and restart kibana, this does not suit me.
There remains the option with the API, but it does not work for me. Can you suggest what I’m doing wrong?

curl -XPOST -k 'https://host:5601/pkp/license' -d '{"token": "key"}' -H 'Content-Type: application/json'


{"statusCode":404,"error":"Not Found","message":"Not Found"}

In my config I have

readonlyrest_kbn.whitelistedPaths: [".*/api/status$", ".*/pkp/license$"]

If I remove this line, then for a request without authorization I get:

curl -XPOST -k 'https://host:5601/pkp/license' -d '{"token": "key"}' -H 'Content-Type: application/json'
Found. Redirecting to /logout?nextUrl=%2Fpkp%2Flicense% 

With authorization

curl -u user:pass -XPOST -k 'https://host:5601/pkp/license' -d '{"token": "key"}' -H 'Content-Type: application/json'
Found. Redirecting to /logout?nextUrl=%2Fpkp%2Flicense%  

Tell me what am I doing wrong?

Enterprise 1.49.1_es7.15.1 :unicorn:

{“customer_id”: “6c4a385b-2ae8-4f02-a9cd-ef24addfb5b3”, “subscription_id”: “32d4073f-dc2f-4056-a868-842727c637cd”}

Perhaps the SSL settings from the kibana config will be useful:

server.port: 5601 ""

elasticsearch.hosts: ["https://localhost:9200"]
elasticsearch.username: login
elasticsearch.password: pass

readonlyrest_kbn.clearSessionOnEvents: ["login"]
readonlyrest_kbn.kibana_custom_css_inject: "[data-test-subj*=spacesNavSelector] { display: none !important } [data-test-subj*=homeLink] { display: none !important } [data-test-subj*=discover-addRuntimeField-popove] { display: none !important } [data-test-subj*=discoverOptionsButton] { display: none !important }"
readonlyrest_kbn.kibana_custom_js_inject: "$('[data-test-subj*=spacesNavSelector]').remove() $('[data-test-subj*=homeLink').remove() $('[data-test-subj=discover-addRuntimeField-popover').remove() $('[data-test-subj*=discoverOptionsButton]').remove()"
readonlyrest_kbn.cookiePass: "cook"
readonlyrest_kbn.cookieName: "ror"
readonlyrest_kbn.store_sessions_in_index: true
readonlyrest_kbn.sessions_index_name: ".readonlyrest"
readonlyrest_kbn.sessions_refresh_after: 100
readonlyrest_kbn.whitelistedPaths: [".*/api/status$"]
readonlyrest_kbn.sessions_probe_interval_seconds: 600

server.ssl.enabled: true
server.ssl.keystore.path: "/etc/kibana/cert.p12"
server.ssl.keystore.password: ""
server.ssl.supportedProtocols: ["TLSv1.2", "TLSv1.3"]
elasticsearch.ssl.alwaysPresentCertificate: true
elasticsearch.ssl.verificationMode: none
migrations.enableV2: false
monitoring.enabled: false
console.enabled: true

I’m out of office now, and cannot check the code or test. But what I would do is: open chrome dev tools on the network tab, and try save a new activation key (random string, doesn’t matter) from kibana ror ui. Then observe the xhr request being logged in dev tools.

Hi @driveirk

Could you try something like this?

curl -X 'POST' \
        -v \
        -k \
        'https://localhost:5601/pkp/api/license?overwrite=true' \
        -H 'Content-Type: application/json' \
        -d '{"token": "<YOUR_TOKEN>"}'

This url works. You need to change the url to /pkp/api/license?overwrite=true in the documentation
Here is a link to the bug in the documentation:

1 Like

Thanks @driveirk, @Dzuming can you take care of updating the docs?

1 Like

I just want to notify you that the documentation has not yet been updated.

It’s in the develop branch of the documentation, you can switch using the top left dropdown menu in the docs.

As soon as we release, it will be present.

1 Like